Add script to generate metadata for use in compatibility testing. #237
Conversation
There was a problem hiding this comment.
A few things other things:
- First, it looks like you hit a test failure. You can ignore the appveyor, that's going away.
- Darn, I thought I added a mode FileSystemBuilder that lets us pretty print the metadata. That makes it much easier to review. I filed Extend FileSystemRepositoryBuilder to support pretty printing metadata #238 to track implementing this.
| use tuf::repository::{FileSystemRepository, FileSystemRepositoryBuilder, Repository}; | ||
|
|
||
| // TODO parametrize this better/find it within the build? | ||
| const KEYS_PATH: &str = "./keys.json"; |
There was a problem hiding this comment.
This should be okay for now. I've been thinking about re-laying out the directory structure, so we could handle improving discovery of the keys.json file then.
tests/metadata/generate.rs
Outdated
| .join((step - 1).to_string()) | ||
| .join("repository"); | ||
| let dst = Path::new(dir).join(step.to_string()); | ||
| Command::new("cp") |
There was a problem hiding this comment.
Could you use /bin/cp, just to make sure we don't pick up any old cp executable in the current directory? It should be okay if this only is runnable on a posix-y system, since this is a test script.
| keys | ||
| } | ||
|
|
||
| fn copy_repo(dir: &str, step: u8) { |
There was a problem hiding this comment.
Generally speaking I'd prefer this call some rust function to copy the directories, since we might not guarantee that cp is available. Eventually I'd like to turn this into a test library, so that we can add a test that will complain if we accidentally change the metadata format without regenerating the test metadata, like we're doing in go-tuf.
Unfortunately, I'm guessing you discovered there's no standard library way for copying directories. We might be able to pull in a crate for this (fs_extra seems popular, but we need to check out it's quality), but for now I say we punt for now and solve this later for when we create this identity test.
So in short, could you add a // TODO replace this with pure rust library so it's portable across OSes?
| } | ||
|
|
||
| // adds a target and updates the non-root metadata files. | ||
| async fn add_target( |
There was a problem hiding this comment.
More evidence we need a helper library for generating metadata.
There was a problem hiding this comment.
@alpearce is it ok for you if I attempt at the library part or is it something you would like to do?
tests/metadata/generate.rs
Outdated
|
|
||
| async fn generate_repos(dir: &str, consistent_snapshot: bool) -> tuf::Result<()> { | ||
| // Create initial repo. | ||
| // TODO: @erickt, this impl is very tied to the json keys file. Do we need it to be more flexible? |
There was a problem hiding this comment.
This should be fine for now.
tests/metadata/generate.rs
Outdated
| .unwrap(); | ||
| copy_repo(dir, i); | ||
|
|
||
| let root_signer: Option<PrivateKey> = match r { |
There was a problem hiding this comment.
Nit: I think you can leave off Option<PrivateKey>.
|
Updated:
|
|
Nice! We should fix #238 before merging this one otherwise reviews are going to be impossible. |
|
Borrowed the "linkify-metadata" script from go-tuf and regenerated symlinked metadata. |
This adds an interchange called `JsonPretty`, which makes it easier for humans to review metadata changes. It is identical to `tuf::interchange::Json`, except for the implementation of `to_writer`. Instead of writing out the canonical form, it writes out a pretty printed form of the data. In addition, it changes `SnapshotMetadataBuilder::insert_metadata_with_path` and `TimestampMetadataBuilder::from_snapshot` to use `D::to_writer`. This makes sure that the hash of these metadata files are computed from the format written to disk, instead of the canonical format.
|
A couple more things:
|
|
Prettified, squashed, separated metadata, fixed bug, added TODO in Cargo.toml. |
(Also check in generated metadata.)
We want to be explicit about making changes to rust-tuf that change the metadata it generates. go-tuf accomplishes this by containing checked-in keys and metadata generated by go-tuf and, in a unit test, asserts that it produces byte-for-byte equivalent metadata. That way, changes to the library that change generated metadata must include corresponding changes to the checked-in metadata to indicate the change in behavior.
This patch includes the metadata generator and the first set of generated metadata. It uses the same keys as the go-tuf generator so that this metadata can also be used for comparison across implementations.
Feel free to go wild on the review; this is the biggest hunk of Rust I've written and I'd appreciate a lot of comments.